g10: Fix checking key for signature validation.

* g10/sig-check.c (signature_check2): Not only subkey, but also primary key should have flags.valid=1. -- (backport of master commit 6f284e6ed63f514b15fe610f490ffcefc87a2164) Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2016-08-04 07:21:39 +0000
committer: NIIBE Yutaka <[email protected]> 2016-08-04 08:15:23 +0000
commit: caff669212d2465a3a387571305a7230d394c0e0 (patch)
tree: b49fe95892aba6366726d87af12d87141635c03b
parent: gpgv: Tweak default options for extra security. (diff)
download: gnupg-caff669212d2465a3a387571305a7230d394c0e0.tar.gz
gnupg-caff669212d2465a3a387571305a7230d394c0e0.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c
index fc5e1fa41..7178d069f 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -82,9 +82,9 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
       }
     else if( get_pubkey( pk, sig->keyid ) )
 	rc = G10ERR_NO_PUBKEY;
-    else if(!pk->is_valid && !pk->is_primary)
+    else if(!pk->is_valid)
         rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
-				 invalid subkey */
+				 invalid key */
     else
       {
         if(r_expiredate)
author	NIIBE Yutaka <[email protected]>	2016-08-04 07:21:39 +0000
committer	NIIBE Yutaka <[email protected]>	2016-08-04 08:15:23 +0000
commit	caff669212d2465a3a387571305a7230d394c0e0 (patch)
tree	b49fe95892aba6366726d87af12d87141635c03b
parent	gpgv: Tweak default options for extra security. (diff)
download	gnupg-caff669212d2465a3a387571305a7230d394c0e0.tar.gz gnupg-caff669212d2465a3a387571305a7230d394c0e0.zip